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LISTING OF THE CLAIMS 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Claims 1-8. (Canceled) 

Claim 9. (Currently Amended)A method of updating a token, comprising: 

accessing a database by user identification and token identification, wherein the database 
has a plurality of certificates/private keys associated with each token identification; 

determining which certificates/private keys of the plurality of certificates/private keys 
have not been downloaded to the token since the last update; 

encrypting all certificates/private keys of the plurality of certificates/private keys which 
have been not been downloaded to the token using a public key associated with the token 
identification in the database to form a download packet; 

downloading the download packet to the token; and 

activating the certificates/private keys in the download packet using thea private key in 
the token. 

Claim 10. (Currently Amended) A method as recited in claim 9, further comprising: 
accessing the database by token identification to identify certificates/private keys which 
are expired or no longer valid; and 
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deleting the certificates/private keys identified which are expired or no longer valid 
ieFffi from the token. 

Claim 1 1 . (Original) The method recited in claim 10, further comprising: 
transmitting a message to the user indicating no new certificates/private keys were found 
in the database when determined that all certificates/private keys of the plurality of 
certificates/private keys have been downloaded to the token since the last update from the 
database. 

Claim 12. (Previously Presented) The method recited in claim 1 1 5 wherein the 
plurality of certificates/private keys are at least one signature certificate/private key, encryption 
certificate/private key, and role certificate/private key. 

Claim 13. (Original) The method recited in claim 12, wherein the token is a smart card. 

Claims 14-17. (Canceled) 

Claim 1 8. (Currently Amended) A computer program for updating a token embodied 
on a computer readable medium and executable by a computer, comprising: 

accessing a database by user identification and token identification, wherein the database 
has a plurality of certificates/private keys associated with each token identification; 
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determining which certificates/private keys of the plurality of certificates/private keys 
have not been downloaded to the token since the last update; 

encrypting all certificates/private keys of the plurality of certificates/private keys which 
have been not been downloaded to the token using a public key associated with the token 
identification in the database to form a download packet; 

downloading the download packet to the token; and 

activating the certificates/private keys using thea private key in the token. 

Claim 19. (Original) The computer program as recited in claim 18, further comprising: 
accessing the database by token identification to identify certificates/private keys which 

are expired or no longer valid; and 

deleting the certificates/private keys identified which are expired or no longer valid from 

the token. 

Claim 20. (Original) The computer program recited in claim 19, further comprising: 
transmitting a message to the user indicating no new certificates/private keys were found 
in the database when determined that all certificates/private keys of the plurality of 
certificates/private keys have been downloaded to the token since the last update from the 
database. 
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Claim 21 . (Previously Presented) The computer program recited in claim 20, wherein 
the plurality of certificates/private keys are at least one signature certificate/private key, 
encryption certificate/private key, and role certificate/private key. 

Claim 22. (Original) The computer program recited in claim 21, wherein the token is a 
smart card. 

Claim 23. (Previously Presented) The method recited in claim 9, wherein the 
activating the certificates/private keys further comprises the entry of a passphrase. 

Claim 24. (Previously Presented) The method recited in claim 9, further comprising: 
revoking each certificate/private key associated with a selected token identification for a 
given token. 

Claim 25. (Previously Presented) The method recited in claim 9, wherein the token 
identification is assigned by the token manufacturer at the time the token is created and stored in 
the database when assigned to a user. 

Claim 26 (Previously Presented) The computer program recited in claim 18, wherein 
the activating occurs in response to receipt of a passphrase. 
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Claim 27. (Previously Presented) The computer program recited in claim 18, wherein 
the token identification is assigned by the token manufacturer at the time the token is created and 
stored in the database when assigned to a user. 

Claim 28. (Previously Presented) The computer program recited in claim 18, further 
comprising: revoking each certificate/private key associated with a selected token identification 
for a given token. 
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